Hello Daniel et al...
My last posting was the basic script that works with Win3.x, Win 9.x and
upwards. At the end of your original question/comment I will post the basic
"script" that will "reset" every machine with a "NULL" password. It builds
on the basic "low level" script that I offered. Completed.txt will tell
which machines you were successful for and badmachines.txt will tell which
machines had a password other than a NULL. That is for you to sort. With
Johannes permission anyone is welcome to build from the basic script. I
know that there are a lot of people that have never been there before. Once
again the Caution, if you do not have explicit permission. You place
yourself at risk
At 10:11 AM 3/31/2004 -0500, you wrote:
>Hey guys,
>>I was hoping some of you could point me in the right direction help me out,
>I need to find and reset poor local administrator passwords (even just
>resetting NULL passwords would be a great help!) on approx 15k active IP's
>that are not logged into the main Active Directory domain.
>>Does anyone happen to have a tool/script that can do this? Or any ideas that
>may help me get through this evil task, my windows coding skills are
>non-existent.
This was tested as working.
<Start Search.bat>
REM Search.bat
REM Search through a known set of machines for Trojan Programs or
REM graphics or music or bad things that should not be there.
REM Or to run through a list of machine to preform useful functions.
REM
REM This implies that you have a list of machines that you want to
REM some operation against.
REM This script will function with about any OS that you have a
REM common Administrator Password for.
REM This is ran at the lowest level!
REM you need to create (1) simple zero byte file named "oops"
REM Al Reust, version 1.0 April 16 2004
REM For /f %%i in (machine.txt) Do (net use z: \\%%i\c$ /u:\administrator
password
REM For /f %%i in (machine.txt) Do (net use z: \\%%i\c$
/u:domain\administrator password
REM This checks for Machines with a NULL Password on the administrator account
For /f %%i in (machine.txt) Do (net use z: \\%%i\c$ /u:administrator ""
REM net use forcing a drive letter that can be connected to.
echo ------ >> completed.txt
date /t >> completed.txt
time /t >> completed.txt
echo %%i >> completed.txt
copy oops z:\winnt
REM echo %errorlevel% >> completed.txt ; to see what errorlevel is
being presented
REM Next check to see if the Net Use happened, if it failed I want to know.
REM This also useful for the "after the fact" sort/compare.
IF errorlevel = 1 echo "\\%%i has a problem" >> badmachines.txt
REM This also tells you what machines did not have a NULL Password.
REM 1. I hate little files that collect that could confuse the issue.
REM Use One or the Other of the lines below.
REM If exist z:\winnt\oops del z:\winnt\oops
REM 2. If the Net Use was successful log it.
If exist z:\winnt\oops echo "\\%%i has been connected" >> completed.txt
REM This can allow you to run it against machines that are "on" or can be
touched
REM Add what you want to happen here.. Between the Parenthesis
If exist z:\\winnt\oops (
cusrmgr -u administrator -m \\%%i -P Password
IF errorlevel = 0 echo "\\%%i changed the Administrator
Password" >> completed.txt
)
net use Z: /delete
REM pause
)
<End Search.bat>
I received a couple of private emails, a portion of what was pointed out
that the world has grown beyond the simple batch file. I do have to admit
that is true (LOL), but to make more "betta" things work you have to insure
it works across all platforms at the lowest common denominator. Then build
from there, thus the very simplistic script/batch file.
By changing the extension from ".bat" to ".cmd" you can then access other
system %variables% that can make life easier.